ELSA-2022-1781 - grafana security, bug fix, and enhancement update
| Type: | SECURITY |
| Impact: | LOW |
| Release Date: | 2022-05-17 |
Description
[7.5.11-2]
- resolve CVE-2021-44716 golang: net/http: limit growth of header canonicalization cache
- resolve CVE-2021-43813 grafana: directory traversal vulnerability for *.md files
[7.5.11-1]
- update to 7.5.11 tagged upstream community sources, see CHANGELOG
- resolve CVE-2021-39226
[7.5.10-1]
- update to 7.5.10 tagged upstream community sources, see CHANGELOG
Related CVEs
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
|
| Oracle Linux 8 (aarch64) | grafana-7.5.11-2.el8.src.rpm | 323eaf6de9dc5796fa8f2619eaf3e521d83580f8fcb7eeb982a800adca07bcb8 | - | ol8_aarch64_appstream |
| grafana-7.5.11-2.el8.aarch64.rpm | e34caf16423373691a2fc4e11469cbef059bb3c846a01858fc27aca86f9f462c | - | ol8_aarch64_appstream |
|
| Oracle Linux 8 (x86_64) | grafana-7.5.11-2.el8.src.rpm | 323eaf6de9dc5796fa8f2619eaf3e521d83580f8fcb7eeb982a800adca07bcb8 | - | ol8_x86_64_appstream |
| grafana-7.5.11-2.el8.x86_64.rpm | 642e06d831c7d8de8bf761a8ffdd677cdc8da4a70ecc28067cc0563fdda367bc | - | ol8_x86_64_appstream |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
